The manual input trimming inside the EffectControlLinearizer is no
longer necessary, since we have to do explicit graph trimming before
running the MemoryOptimizer anyways these days.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2144603002
Cr-Commit-Position: refs/heads/master@{#37681}
- check that packed elements do not contain the_hole (with fix)
- verify argument objects with elements kind
- use JSObjectVerifiy in all JSObject "subclasses"
- change initialization order for ArrayLiteralBoilerplate to simplify verification
BUG=v8:5188
Review-Url: https://codereview.chromium.org/2126613002
Cr-Commit-Position: refs/heads/master@{#37680}
This widens the set of binary operator reductions that are applied by
TurboFan when graphs are built from bytecode. By now we only insert
number conversions to inputs of integer binary ops (i.e. bitwise and
shifts), others no longer require a "before" frame state input.
R=bmeurer@chromium.org
Review-Url: https://codereview.chromium.org/2135973003
Cr-Commit-Position: refs/heads/master@{#37674}
This is another point where we add inconsistent behavior between simple and
detailed stack traces. The functionality also does not seem to be used in
chrome anymore when uncaught exceptions are thrown. Remove it to reduce
maintenance burden.
BUG=624285
R=yangguo@chromium.org
Review-Url: https://codereview.chromium.org/2141523002
Cr-Commit-Position: refs/heads/master@{#37673}
Turn the retyping pass of SimplifiedLowering into a proper phase, and
make it possible to propagate feedback types through non-speculative
operators. This defers the output representation selection to the
retyping phase, and checks that we don't mess up.
As a first user, we consume input type feedback for NumberAbs as well.
Long-term we can add all other operators to the mix.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2139203002
Cr-Commit-Position: refs/heads/master@{#37672}
I removed or replaced some values in the list of float and double values
in value-helper.h which cannot be represented precisely as floats or
doubles, respectively.
R=titzer@chromium.org
Review-Url: https://codereview.chromium.org/2135243004
Cr-Commit-Position: refs/heads/master@{#37671}
This removes the checking for use-def and def-use chain links from the
graph verification. Presence of such links can only be violated by a bug
in the actual {Node} implementation itself. That container class is also
covered by unit tests.
The verification in question was useful in the early days when the graph
implementation itself was prone to bugs. By now it has stabilized and
spending O(n^2) time during graph verification is too wasteful to still
be considered a reasonable trade-off.
R=jarin@chromium.org
TEST=unittests/NodeTest.*
Review-Url: https://codereview.chromium.org/2140973003
Cr-Commit-Position: refs/heads/master@{#37670}
The PlainPrimitiveToNumber operator performs a superset of the operations
previously performed by the BooleanToNumber and StringToNumber operators,
so we can just use the special lowering rules for PlainPrimitiveToNumber
based on the input type and get rid of the specialized operators.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2139183002
Cr-Commit-Position: refs/heads/master@{#37669}
This CL separates the check whether something is tail-callable from
the computation of the size of the stack parameters that a function
takes.
In order to track this precisely, the stack parameter size calculation
uses the recently landed MachineType information that's embedded
in return and parameter value LinkageLocations.
Review-Url: https://codereview.chromium.org/2121753002
Cr-Commit-Position: refs/heads/master@{#37668}
Temporary commit to see performance data. Will be reverted
shortly after.
BUG=chromium:622332
TBR=vogelheim, jochen
NOTRY=true
Review-Url: https://codereview.chromium.org/2135313002
Cr-Commit-Position: refs/heads/master@{#37667}
Remove obsolete definitions from macros.py, and drop the now obsolete
%_ToPrimitive, %_ToPrimitive_Number, %_ToPrimitive_String, %_ToName
and the %ToPrimitive_String intrinsics/runtime entries.
R=yangguo@chromium.org
BUG=v8:5049
Review-Url: https://codereview.chromium.org/2137203002
Cr-Commit-Position: refs/heads/master@{#37665}
Added trace printout for replacements in Turbofan reducers.
Renamed graph trimmer trace flag to avoid confusion.
Review-Url: https://codereview.chromium.org/2123283006
Cr-Commit-Position: refs/heads/master@{#37663}
Rolling v8/build to 3cd1ead0173f28d3aa6b28590495ae67340a3a5e
Rolling v8/third_party/icu to b5ecbb29a26532f72ef482569b223d5a51fd50bf
Rolling v8/tools/mb to 9a768a4d908ec89978a95e1c04c62336f5cfbcd2
TBR=machenbach@chromium.org,vogelheim@chromium.org,hablich@chromium.org
Review-Url: https://codereview.chromium.org/2144483002
Cr-Commit-Position: refs/heads/master@{#37662}
AllocateSpillSlot can now handle requests for 16 byte slots.
LOG=N
BUG=v8:4124
Review-Url: https://codereview.chromium.org/2139663002
Cr-Commit-Position: refs/heads/master@{#37661}
Instead just return undefined
A side effect of this is that it's no longer possible to compile
functions in a detached context.
BUG=chromium:541703
R=verwaest@chromium.org,bmeurer@chromium.org
CQ_INCLUDE_TRYBOTS=tryserver.chromium.linux:linux_chromium_rel_ng
Review-Url: https://codereview.chromium.org/2034083002
Cr-Commit-Position: refs/heads/master@{#37657}
When the scanner finds a '-->', it's either part of an HTMLCloseComment
or a '--' followed by a '>'. Previously, only a preceding newline would
make it an HTMLCloseComment. Now, a preceding multiline comment also
makes it an HTMLCloseComment. The effect is that now the following is
not a SyntaxError:
x/*
*/-->this is now a comment
BUG=v8:5142
LOG=y
Review-Url: https://codereview.chromium.org/2119763003
Cr-Commit-Position: refs/heads/master@{#37656}
This patch just checks for a stack overflow and returns failure
from the cases which Clusterfuzz found. However, there may be
more locations in the parser which need similar treatment.
R=caitpotter88@gmail.com,neis
BUG=v8:4483,chromium:624300
Review-Url: https://codereview.chromium.org/2135503002
Cr-Commit-Position: refs/heads/master@{#37655}
This removes the frame state input representing the before-state from
nodes having any comparison operator. Lowering that inserts number
conversions of the inputs has to be disabled when deoptimization is
enabled, because the frame state layout is no longer known.
R=jarin@chromium.org
BUG=v8:5021
Review-Url: https://codereview.chromium.org/2134173002
Cr-Commit-Position: refs/heads/master@{#37646}
This extends pretenuring decisions based on allocation sites to heap
numbers that are allocated as part of object literals. It ensures memory
locality of a bigger enclosure of the deep copy of an object literal.
R=bmeurer@chromium.org
TEST=cctest/test-heap/OptimizedPretenuringMixedInObjectProperties
Review-Url: https://codereview.chromium.org/2135933002
Cr-Commit-Position: refs/heads/master@{#37645}
If the first input to CheckBounds is already an Unsigned32, then
we can just truncate both inputs to word32 and lower the bounds
check.
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2138753002
Cr-Commit-Position: refs/heads/master@{#37643}
This unifies phases in SimplifiedLowering, and will enable
more optimizations, i.e. we can do the output representation
during typing then, which in turn should allow us to use the
feedback type even in unchecked operators (i.e. NumberAbs).
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2137003002
Cr-Commit-Position: refs/heads/master@{#37639}
By adding MachineType to LinkageLocation, it is possible not only to reason
about the location of a LinkageLocation on the stack, but also about it's
size. This will be useful in follow-on CLs that attempt to merge some of the
parameter passing logic of tail calls and normal (non-tail) calls.
As a nice side-effect, it is no longer necessary to separately keep a
MachineSignature in a CallDescriptor, because the MachineTypes contianed in
LinkageLocation for all of the Descriptor's parameters and return types are
sufficient. This CL therefore removes the MachineSignature from the
CallDescriptor and adjusts all the calling code accordingly, simplifying and
de-duplicating code in a bunch of places.
R=titzer@chromium.org, bmeurer@chromium.org
LOG=N
Review-Url: https://codereview.chromium.org/2124023003
Cr-Commit-Position: refs/heads/master@{#37633}
Reason for revert:
crashes: crbug.com/626719
Original issue's description:
> Avoid Context::Enter and Context::Exit if we're reentering the active and last entered context
>
> A bit of browsing around indicates that the new fast-path is taken most of the time:
> 3496 Entering new
> 152295 Reentering same
>
> BUG=
>
> Committed: https://crrev.com/1829eb661ef1cf432fb551bcb193f521a219d490
> Cr-Commit-Position: refs/heads/master@{#37570}
TBR=jochen@chromium.org,verwaest@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=
Review-Url: https://codereview.chromium.org/2140563002
Cr-Commit-Position: refs/heads/master@{#37632}